From dab981e68ffa784786f3a230dda990cf080187a7 Mon Sep 17 00:00:00 2001 From: freesource Date: Tue, 27 Nov 2001 20:09:08 +0000 Subject: [PATCH] Fixed pam test so that the 3rd field rather than the 4th field is being checked in the service-name files found in /etc/pam.d/. The 4th field is acceptable for pam.conf. If a path is specified in either conf format, that path will be checked, otherwise, either the pam default path of /usr/lib/security or the FSSTD location /lib/security will be checked for a match. --- BootRoot/Yard.pm | 82 ++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 76 insertions(+), 6 deletions(-) diff --git a/BootRoot/Yard.pm b/BootRoot/Yard.pm index 9312e7f..3d4d530 100644 --- a/BootRoot/Yard.pm +++ b/BootRoot/Yard.pm @@ -2202,10 +2202,42 @@ sub check_pam { chomp; next if /^\#/ or /^\s*$/; # Skip comments and empty lines my($file) = (split)[3]; # Get fourth field - if (!-e "$mount_point/$file") { - warning_test "$pam_conf($.): $_\n", - "\tLibrary $file does not exist on root fs\n"; + + # This adds a more extensive path search --freesource + my @file; + if ( $file !~ m,^/, ) { + my $base = basename($file); + @file = ("/usr/lib/security/$base", "/lib/security/$base"); + } + else { + @file = ($file); + } + + my (%file_check, $ok); + foreach my $files ( @file ) { + if (!-e "$mount_point/$files") { + info(0,"NO $mount_point/$files\n"); + $file_check{$files} = 0; + } + else { + info(0,"OK $mount_point/$files\n"); + $file_check{$files} = 1; + } + } + + for ( values %file_check ) { + $ok = 1 if $_ == 1; + } + + if ( !$ok ) { + + foreach $file ( @file ) { + warning_test "$pam_conf($.): $_\n", + "\tLibrary $file does not exist on root fs\n"; + } + } + # That's all we check for now } close(PAM) or error("Closing PAM: $!"); @@ -2226,14 +2258,52 @@ sub check_pam { next if /^\#/ or /^\s*$/; # Skip comments and empty lines my($file) = (split)[2]; ## Get third field --freesource $pam_configured = 1; - if (!-e "$mount_point/$file") { - warning_test "$file2($.): $_\n", - "\tLibrary $file does not exist on root fs\n"; + + # This adds a more extensive path search --freesource + my @file; + if ( $file !~ m,^/, ) { + my $base = basename($file); + @file = ("/usr/lib/security/$base", "/lib/security/$base"); + } + else { + @file = ($file); + } + + my (%file_check, $ok); + foreach my $files ( @file ) { + if (!-e "$mount_point/$files") { + info(0,"NO $mount_point/$files\n"); + $file_check{$files} = 0; + } + else { + info(0,"OK $mount_point/$files\n"); + $file_check{$files} = 1; + } + } + + for ( values %file_check ) { + $ok = 1 if $_ == 1; } + + if ( !$ok ) { + + foreach $file ( @file ) { + warning_test "$pam_conf($.): $_\n", + "\tLibrary $file does not exist on root fs\n"; + } + + } + + # if (!-e "$mount_point/$file") { + # warning_test "$file2($.): $_\n", + # "\tLibrary $file does not exist on root fs\n"; + # } + } close(PF); } closedir(PAMD); + info(0, "Done with $pamd_dir\n"); } # Finally, see whether PAM configuration is needed